CVE-2020-6769

🗓️ 07 Feb 2020 19:57:12Reported by boschType

Missing Authentication for Critical Function in Bosch VSG (CVE-2020-6769

Reporter	Title	Published	Views	Family All 5
Cvelist	CVE-2020-6769 Missing Authentication for Critical Function in Bosch Video Streaming Gateway	7 Feb 202019:57	–	cvelist
EUVD	EUVD-2020-27916	7 Oct 202500:30	–	euvd
NVD	CVE-2020-6769	7 Feb 202020:15	–	nvd
OSV	CVE-2020-6769	7 Feb 202020:15	–	osv
Prion	Authentication flaw	7 Feb 202020:15	–	prion

NVD

Node

bosch video_streaming_gatewayRange≤6.42.10

bosch video_streaming_gatewayRange6.43–6.43.0023

bosch video_streaming_gatewayRange6.44–6.44.022

bosch video_streaming_gatewayRange6.45–6.45.08

Node

bosch divar_ip_2000_firmwareRange≤3.62.0019

AND

bosch divar_ip_2000Match-

Node

bosch divar_ip_5000_firmwareRange≤3.80.0039

AND

bosch divar_ip_5000Match-

Node

bosch video_streaming_gatewayRange≤6.42.10

bosch video_streaming_gatewayRange6.43–6.43.0023

bosch video_streaming_gatewayRange6.44–6.44.022

bosch video_streaming_gatewayRange6.45–6.45.08

AND

bosch divar_ip_3000Match-

Node

bosch video_streaming_gatewayRange≤6.42.10

bosch video_streaming_gatewayRange6.43–6.43.0023

bosch video_streaming_gatewayRange6.44–6.44.022

bosch video_streaming_gatewayRange6.45–6.45.08

AND

bosch divar_ip_7000Match-

Node

bosch video_streaming_gatewayRange≤6.42.10

bosch video_streaming_gatewayRange6.43–6.43.0023

bosch video_streaming_gatewayRange6.44–6.44.022

bosch video_streaming_gatewayRange6.45–6.45.08

AND

bosch divar_ip_all-in-one_5000Match-

[
  {
    "product": "DIVAR IP 2000",
    "vendor": "Bosch",
    "versions": [
      {
        "lessThanOrEqual": "3.62.0019",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  },
  {
    "product": "DIVAR IP 5000",
    "vendor": "Bosch",
    "versions": [
      {
        "lessThanOrEqual": "3.80.0039",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  },
  {
    "product": "Video Streaming Gateway",
    "vendor": "Bosch",
    "versions": [
      {
        "lessThanOrEqual": "6.45.08",
        "status": "affected",
        "version": "6.45",
        "versionType": "custom"
      },
      {
        "lessThanOrEqual": "6.44.0030",
        "status": "affected",
        "version": "6.44",
        "versionType": "custom"
      },
      {
        "lessThanOrEqual": "6.43.0023",
        "status": "affected",
        "version": "6.43",
        "versionType": "custom"
      },
      {
        "lessThanOrEqual": "6.42.10",
        "status": "affected",
        "version": "6.42 and older",
        "versionType": "custom"
      }
    ]
  },
  {
    "product": "DIVAR IP 3000",
    "vendor": "Bosch",
    "versions": [
      {
        "status": "affected",
        "version": "All"
      }
    ]
  },
  {
    "product": "DIVAR IP 7000",
    "vendor": "Bosch",
    "versions": [
      {
        "status": "affected",
        "version": "All"
      }
    ]
  },
  {
    "product": "DIVAR IP all-in-one 5000",
    "vendor": "Bosch",
    "versions": [
      {
        "status": "affected",
        "version": "All"
      }
    ]
  }
]

Source	Link
psirt	www.psirt.bosch.com/security-advisories/BOSCH-SA-260625-BT.html

21 Nov 2024 05:36Current

9.4High risk

Vulners AI Score9.4

CVSS 26.4

CVSS 3.19.1 - 10

EPSS0.01082

CWE-306